Udis86 Disassembler Library for x86 / x86-64

Udis86 is an easy-to-use, minimalistic disassembler library (libudis86) for the x86 class of instruction set architectures. It has a convenient interface for use in the analysis and instrumentation of binary code. Udis86 is distributed under the terms of the 2-clause BSD License.

udis86-1.7.2.tar.gz Documentation

libudis86

A disassembler library for the x86 architecture which allows you to decode a stream of bytes as x86 instructions, inspect various bits of information about them, and even translate to human readable assembly language form.

#include <stdio.h>
#include <udis86.h>

int main()
{
    ud_t ud_obj;

    ud_init(&ud_obj);
    ud_set_input_file(&ud_obj, stdin);
    ud_set_mode(&ud_obj, 64);
    ud_set_syntax(&ud_obj, UD_SYN_INTEL);

    while (ud_disassemble(&ud_obj)) {
        printf("\t%s\n", ud_insn_asm(&ud_obj));
    }

    return 0;
}

Supports 16bit, 32bit and 64bit modes.
General purpose and sytem instructions; media extensions such as MMX, 3DNow, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2; FPU (x87); AMD-V and INTEL-VMX, etc.
Generates output in INTEL style (NASM, YASM etc.) and AT&T-style (GNU assembler) output syntax.
Flexible input interface: Memory buffers, standard library FILEs, and function callbacks.

udcli

udcli is a command-line tool for your quick disassembly needs.

$ echo "65 67 89 87 76 65 54 56 78 89 09 00 87" | udcli -32 -x
0000000000000000 656789877665    mov [gs:bx+0x6576], eax
0000000000000000 54              push esp
0000000000000000 56              push esi
0000000000000000 7889            js 0x93 
0000000000000000 0900            or [eax], eax

Project

Note Active development of the project has now moved to Github at https://github.com/vmt/udis86. Please use the issue tracker to report bugs.

Udis86 is authored and maintained by Vivek Thampi (vivek.mt@gmail.com) with many contributions from the community. Patches are welcome, pull requests at Github are preferred, but feel free to use email. Thanks!